Between August and September 2008, Aberdeen Group examined current industry practices for Unified Threat Management (UTM) technologies and services. The experiences and intentions of approximately 110 organizations from a diverse set of industries are represented in this study. Aberdeen supplemented this online survey effort with interviews with select survey respondents, gathering additional information on UTM strategies, experiences, and results.
Aberdeen's recent research in Vulnerability Management sheds new light on how organizations are keeping pace with the never-ending flow of threats and vulnerabilities to their networks, computers, and application software.
The scale of the problem is massive: on average, industry sources reported more than 120 new vulnerability disclosures per week (nearly 90% of which could be exploited remotely over the network), and over 400,000 new examples of malware (including viruses, worms, back doors, key loggers, trojans, spyware, and rootkits) were identified in the last calendar year.
Aberdeen's research shows that trying to keep up with these vulnerabilities and threats is consuming about 14% of the average IT security budget. Most organizations are trying to balance the need to secure their IT infrastructure and safeguard their critical data with the need to increase efficiency and minimize total costs, a matter of heightened importance given the current challenges in our global economy.
Defining Unified Threat Management
Unified Threat Management (UTM) is the name of an IT Security product category, originally coined to describe the integration of multiple threat and vulnerability management functions within a single solution (typically, a network appliance). In other words, UTM reflects a deliberate shift:
- From deploying and managing multiple, dedicated IT Security devices / services
- To deploying and managing a single, multi-function IT Security device / service
In the current market, selecting a Unified Threat Management solution is like a box of chocolates … you never know what you're going to get. Baseline UTM functionality is generally agreed to include network firewall, anti-virus, intrusion detection / prevention, and virtual private network, i.e., core capabilities for securing your IT infrastructure. Aberdeen's research shows that buyer attention for new UTM functionality is clearly turning to capabilities that will help them address the many "channels" (including email, web, instant messaging, peer-to-peer file sharing, and voice over IP) for the potential loss or exposure of their sensitive data.
Vendors (and some analysts), in their efforts to explain and differentiate the expanding range of UTM offerings, have expanded their names for this solution category – including UTM, UTM+, UTM 2.0, Extended UTM, xTM, All-in-One Security, Multi-Function Security, and Integrated Security. This has been taken to the point of silliness, resulting in a confusing array of marketing messages and competitive positioning. All are aimed at a similar value proposition, however: secure your IT infrastructure, safeguard your critical data, and lower your total cost of management.